package cj.web.login.controllers;

import java.util.List;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import net.paoding.rose.web.annotation.Param;
import net.paoding.rose.web.annotation.Path;
import net.paoding.rose.web.annotation.rest.Get;
import net.paoding.rose.web.annotation.rest.Post;
import net.paoding.rose.web.var.Model;

import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.springframework.beans.factory.annotation.Autowired;

import cj.web.admin.dao.ConfigInfoDAO;
import cj.web.admin.dao.MemuInfoDAO;
import cj.web.admin.dao.UserInfoDAO;
import cj.web.admin.dao.UserRoleRefDAO;
import cj.web.admin.domain.UserInfo;
import cj.web.admin.utils.Base64;
import cj.web.admin.utils.DateUtils;
import cj.web.admin.utils.MD5Security;
import cj.web.admin.utils.RsaUtil;

@Path("")
public class LoginController extends BaseController{
	
	protected static final Log logger = LogFactory.getLog(LoginController.class);
	
	@Autowired
	private UserInfoDAO userInfoDao;
	@Autowired
	private MemuInfoDAO memuInfoDao;
	@Autowired
	private ConfigInfoDAO configInfoDao;
	@Autowired
	private UserRoleRefDAO userRoleRefDao;
	
	@Get("")
    public String main() throws InterruptedException {
        return "/views/login.vm";
    }
	
	/**
	 * 判断系统级权限
	 * @return
	 * @throws Exception 
	 */
	private boolean querySecurityKey() throws Exception{
		String key = configInfoDao.querySecurityKey();
		
		if(key==null || "".equals(key)){
			return false;
		}
		String showDate = RsaUtil.decryptByPrivateKey(key);
		
		if(DateUtils.compareDateWithNow(DateUtils.parse(showDate, DateUtils.DATE_SMALL_STR))>=0){
			return true;
		}else{
			return false;
		}
	}
	
	@Post("login")
	public String login(Model model,@Param("useraccount") String account,@Param("pwd") String pwd,
			HttpServletRequest request,HttpServletResponse response){
		try {
			
			if(!querySecurityKey()){
				return "r:sk/show";
			}
			
			UserInfo userInfo = userInfoDao.queryByAP(account);
			
			if(userInfo==null){
				model.add("msg","无此用户");
				return "/views/login.vm";
			}
			else{
//				if(userInfo.getPwd().equals((MD5Security.md5(pwd)))){
				if(userInfo.getPwd().equals(pwd)){
					List<String> memunamelis = userInfoDao.queryByMemu(userInfo.getId());
					
					String memuname="@";
					for(String str:memunamelis)
					{
						memuname+=str+"@";
					}
					addCookie(response, "memuname", memuname);
					addCookie(response, "account", account);
					addCookie(response, "userId", String.valueOf(userInfo.getId()));
					addCookie(response, "name", Base64.getBase64(userInfo.getName()));
					addCookie(response, "_token_", MD5Security.returnSingKey(account));//种植的Key
				}
				else{
					model.add("msg","密码不正确");
					return "/views/login.vm";
				}
			}
			
		} catch (Exception e) {
			// TODO: handle exception
			e.printStackTrace();
			return "/views/login.vm";
		}
		
		return "r:index";
    }

	
	@Get("logout")
    public String logout(HttpServletRequest request,HttpServletResponse response){
		removeCookie(response, "memuname");
		removeCookie(response, "account");
		removeCookie(response, "userId");
		removeCookie(response, "name");
		removeCookie(response, "_token_");
		return "/views/login.vm";
    }
	
	@Get("index")
    public String index(Model model,HttpServletRequest request) {
		model.add("account",returnSessionObj(request).getAccount());
        return "/views/main.vm";
    }
}